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Topic: Update on the work of the Risk & Governance Board 


Reason for report: This report fulfils the requirement of the Board to 
provide an update on its work to SLT. 


Areas for discussion by SLT: N/A 


Executive Summary: The first meeting of the Risk & Governance 
Board is due to take place on 10 November. 


Key achievements: N/A 
Key challenges: N/A 


Upcoming issues: At it’s first meeting the Board will be considering the 
following items:- 
e Outcomes of the recent Corporate Risk review; to recommend to 
risk owners any changes to the ICO corporate risks 
e Review of the Scheme of Delegations; to discuss any changes to the 
ICO’s scheme of delegation, for recommendation to the 
Commissioner 
e Inside Information Policy; to receive an update on development of 
the ICO’s inside information policy, and its links to behaviour 
policies. 
e Annual Report and the lessons learned from last year; to consider 
improvements that can be made to the annual report process. 
e Healthy Challenge Culture; for the Board to agree any steps to be 
taken to deliver a healthy challenge culture within the ICO. 


Updates will be provided on the following: 

e recent internal audits, together with progress against the internal 
audit actions; to give assurance to the Board on progress to 
implement recommendations from recent internal audits 

e ICO Constitutional Review; to provide assurance to the Board on 
progress within Operation Chandra 


As part of the rolling programme the Board will be receiving updates from 
the Information risk and cyber security working group, reviewing 


performance against internal/non-regulatory KPIs and gaining assurance 
on risk management. 


Publication considerations: This report can be published internally 
and externally. 


